“Are apps listening to people's conversations to improve ad targeting?” I was contacted by leading Italian newspaper @repubblica to comment on this controversy. Find my response in this thread.
#privacy #dataprotection #spying #smartphones #listening #ads #surveillance #apps 1/n Abstract of a paper we have written on the topicA simplified overview of the threat model
*** QUESTION 1 ***
Is it possible for apps (“commercial” apps, not surveillance apps used by law enforcement) to secretly record conversations of users? 2/n
Yes, this is theoretically possible. Apps regularly obtain from us the permission to use our smartphones’ microphones. And many apps are suspected to misuse this permission for dubious purposes (e.g., to track us via “ultrasonic beacons”). 3/n
Ultrasonic beacons are Morse-style audio signals inaudible to the human ear which are played in stores or embedded into TV commercials and other broadcast content in order to be able to unobtrusively track the location, activities and media consumption of consumers. 4/n
It has been exposed that some apps scan ambient sound for such ultrasonic signals and secretly send them back to tracking networks for automated comparison. In the same way, apps may record private conversations and store them for further analysis. 5/n
In the latest mobile OS versions, as long as the screen is turned on, microphone activity is fairly visible (e.g., status bar turning red when recording takes place). 6/n
However, in some older OS versions, audio recording was (and still is) less visible. Android has been criticized for its slow update cycle, with many millions of devices running on outdated versions. 7/n
It has been argued that large-scale eavesdropping would be way too costly to be economically viable for the ad industry. But, as we state in a recent paper on the topic (link.springer.com/content/pdf/10…), there are several ways to make such attacks much more efficient and scalable... 8/n
..., for example: (1) low-quality audio recording, (2) local pre-processing, (3) keyword detection instead of full speech recognition and (4) selective recording based on time, location, user activity, sound level or other context variables. 9/n
Furthermore, there is research suggesting it may be possible to reconstruct words spoken by a user from accelerometer data (through sound vibrations). Accelerometers are tiny motion sensors embedded into many mobile devices, including smartphones. 10/n
While the published findings are still inconclusive, this potential attack vector needs to be investigated. Accelerometers are often less protected than microphones. Also, exploiting them would be much more energy-efficient (= less conspicuous) than recording via microphone. 11/n
In case you're interested in more details: I have explained and illustrated the privacy-invading potential of accelerometer data in this thread: 12/n
To add certain capabilities, apps commonly make use of "third-party libraries", i.e., code written by other companies. These libraries may inherit permissions, such as microphone access, from their host app and are often granted direct Internet access. 13/n
Apart from third-party libraries being over-privileged, it is problematic that app developers often have limited or no understanding of the library code. Thus, not only users but also app developers themselves may be unaware of granted permissions being abused. 14/n
App security checks conducted by ecosystem providers and the international research community have significant limitations. There are many blind spots and vulnerabilities, leaving potential room for sophisticated eavesdropping attacks to be successful and remain undetected. 15/n
*** QUESTION 2 ***
If it's technically possible, do you think that (at least for some apps) this it is happening now? 16/n
So far, despite widespread and persistent rumors, no hard evidence has been found to show that firms are secretly eavesdropping on smartphone users to inform ads. 17/n
And there are, of course, possible alternative explanations for eerily accurate ads (e.g., conventional tracking methods, profiling information from various sources being combined, inference algorithms, pure coincidence, people’s cognitive biases in memory and attention). 18/n
Thus, I'm not saying this is definitely happening. But it would be false to claim (as various commentators and news outlets have done) that these spying fears have been completely disproved. This is not the case. 19/n
Big Tech corporations are intruding our privacy in many reprehensible ways. Yet, IF commercial eavesdropping is a thing, I suspect it would not be carried out by Big Tech, but rather by companies that most people have never heard of (and, thus, have no reputation to lose). 20/n
Such companies may be acting inconspicuously in the background (e.g., no-name apps, third-party libraries) and feed their data into the advertising industry through dodgy channels that are difficult to trace. 21/n
*** QUESTION 3 ***
How can users find out whether something of this kind is happening in one of their apps? 22/n
As mentioned above, the latest mobile OS versions usually indicate microphone activity (e.g., red status bar). Users can also decide which apps to grant microphone permission. However, people often accept permission requests blindly when interested in an app’s functionality. 23/n
Should an attack be based on exploited security vulnerabilities/loopholes (or even on smartphone sensors other than the microphone), eavesdropping attacks may be impossible to detect for ordinary users – and even for IT security professionals. 24/n
Further, it is important to understand: Even voice recordings conducted with a user's explicit consent can be misused in harmful ways. Being aware of the recording taking place does not equal knowing (let alone controlling) what exactly the data will be used for. 25/n
Sensitive information may secretly be extracted from voice data (whether the recording was made legitimately or not) and be used for intrusive tracking and profiling purposes, ultimately leaving users without control over their privacy. 26/n
We have published a paper on the privacy impacts of modern voice and speech analysis: link.springer.com/content/pdf/10…. The paper provides a structured overview of personal information that can be inferred from voice recordings by using machine learning techniques. 27/n
In short: Apart from the linguistic content of speech, voice characteristics and manner of expression can contain cues to a speaker’s sex, age, biometric identity, personality, geographical origin, emotions, drug consumption, social status, and physical and mental health. 28/n
Even when putting aside the question of eavesdropping, today’s mobile devices allow a large variety of actors to track private citizen in a much more efficient and detailed way than would have been possible in the most repressive regimes & police states of the 20th century. 29/n
At the bottom line, whether sensitive information is extracted from private conversations or collected from other sources does not make much difference to the possibilities of data exploitation and the entailing consequences for the data subject. 30/n
Therefore, whether justified or not, the suspicions examined in this thread eventually lead to a very fundamental question: What degree of surveillance should be considered acceptable for commercial purposes like targeted advertising? 31/n
Given the complexities involved, users cannot be expected to effectively “defend themselves” against data misuse or give truly “informed consent” to data processing, calling into question the prevalent legal paradigm of notice-and-consent (a.k.a. privacy self-management). 32/n
People’s privacy choices are typically irrational, involuntary and/or circumventable due to human limitations, corporate tricks and legal loopholes – as we discuss in-depth in other recent work: ssrn.com/abstract=38817… 33/n
Government interventions may be necessary to protect consumers from consequences of their own unawareness, as me and my co-authors argue in Sect. 7 of this paper. To arrive at actionable policy recommendations, further research on this issue is urgently needed. 34/n
Thank you so much for reading. I will post more information/updates soon.

Also, feel free to share your thoughts and ideas. How should our society deal with the obvious failure of the “notice -and-choice” approach?
For those interested, here is the article that appeared in newspaper “la Repubblica” after my comments: repubblica.it/cronaca/2021/0… [written in Italian & currently behind a paywall, which motivated me to post my response to the journalists on Twitter].

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Jacob Leon Kröger

Jacob Leon Kröger Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @JL_Kroger

29 Jul
What can companies learn about you by analyzing how you hold and move your mobile devices (e.g., smartphone/-watch)? In this thread, I summarize our study on the astounding privacy implications of accelerometer sensors #privacy #dataprotection #machinelearning #AI #IoT 1/n
Link to paper (open access): dl.acm.org/doi/pdf/10.114…. In it, we provide a structured overview of personal information that can be inferred from accelerometer data by using machine learning techniques. 2/n
While this may sound like a topic for tech nerds, the paper is digestible for laypeople and relevant for anyone curious about the information we unknowingly reveal to companies through embedded sensors. 3/n
Read 23 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

:(